package com.luochen.cdpt.config;

import java.util.Collection;
import java.util.Iterator;

import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Component;
/**
 * 权限决策 AccessDecisionManager
 * 有了权限资源，知道了当前访问的url需要的具体权限，接下来就是决策当前的访问是否能通过权限验证了。
 * @author star
 *
 */
@Component
public class UrlAccessDecisionManager implements AccessDecisionManager {
    @Override
    public void decide(Authentication auth, Object o, Collection<ConfigAttribute> cas){
        return;
//        Iterator<ConfigAttribute> iterator = cas.iterator();
//        while (iterator.hasNext()) {
//            ConfigAttribute ca = iterator.next();
//            //当前请求需要的权限
//            String needRole = ca.getAttribute();
//            if ("RoleAdmin".equals(needRole)) {
//                if (auth instanceof AnonymousAuthenticationToken) {
//                    throw new BadCredentialsException("未登录");
//                } else
//                    return;
//            }
//            //当前用户所具有的权限
//            Collection<? extends GrantedAuthority> authorities = auth.getAuthorities();
//            for (GrantedAuthority authority : authorities) {
//                if (authority.getAuthority().equals(needRole)) {
//                    return;
//                }
//            }
//        }
//        throw new AccessDeniedException("权限不足!");
    }
    @Override
    public boolean supports(ConfigAttribute configAttribute) {
        return true;
    }
    @Override
    public boolean supports(Class<?> aClass) {
        return true;
    }
}